On Mon, 12 Feb 2018, Valery Smyslov wrote:

This is one particular implementation peculiarity, there
will be others that behaves oddly. The point is, if we introduce a new
Transform Type, it is very likely that backward compatibility can no
longer be achieved.

Again, it depends. If the majority of implementations immediately crash once 
receive unknown transform, then I agree that we need another mechanism...
Most of other cases usually can be dealt with. Probably not all and probably
not as elegant as we wish, but still I believe they can.

We still have plenty of time to get the word out to those
implementations to fix their problem. By the time we have a
document ready for post quantum transforms, those implementations
should have been fixed. It's a little early now to deem this
an unsurmountable problem.

I prefer to reuse existing code for this and I see no reason why it cannot be 

I agree.


IPsec mailing list

Reply via email to